General Category > General Computing/Macintosh

DNS changing Malware affects Mac users

(1/1)

xairbusdriver:

--- Quote from: TidBITS --- OSX/MaMi hijacks macOS?s DNS settings to intercept traffic by routing it through malicious servers...But unless you did something to bypass macOS?s Gatekeeper security, you likely have nothing to worry about since the malware?s executable isn?t signed by Apple.
--- End quote ---

--- Quote from: Hacker News ---Patrick [Wardle] believes that the attackers could be using lame methods like malicious emails, web-based fake security alerts/popups, or social-engineering type attacks to target Mac users.
--- End quote ---
Open System Prefs->Network. Click "Advanced" and then the "DNS" tab. Look for:82.163.143.135
82.163.142.137If you find those IP addresses, you have been infected by the malware. Currently no fix, but you can at least delete those two addresses.Hacker News
I failed to mention the need to check all your internet access methods: WiFi, Ethernet, etc. WiFi usually has the modem address, 10.0.0.xxx.

elagache:
Dear X-Air and WeatherCat sys-admins,

Thanks for the head's up.  Indeed most of us are safe from this malware, and sure enough, I double-checked our home network and all is safe and sound.

Cheers, Edouard

Navigation

[0] Message Index